This privacy statement applies to all companies belonging to the EFICO group and describes how we collect, process, store and protect personal data.
1. WHICH PERSONAL DATA DO WE COLLECT?
The personal data we collect may include:
- Name and surname
- Telephone and/or mobile phone number
- Email address
- Date of birth
- Job title and employer
- Marital status and family composition
- Career and education
- Financial and fiscal data
- Complaint details and requests specifically expressed by the data subject
- Contractual agreements
- IP address
- Browser type
- Language preference
- Posts on social media applications we utilise
- Online behaviour and preferences
- Images and audiovisual data
- Data relating to the performance of our services
- Other relevant information
It is also possible that we collect personal data of a so-called “sensitive” nature (special data categories), like:
Health (e.g. a disablement or other specific medical condition that we should take into account (allergy, etc.) when the data subject enters our business premises or when we organise a business lunch)
Our products, services and website are not designed or intended for children. We therefore do not actively nor intentionally collect and store, except possibly for our employees, the personal data of children.
The personal data that we process always depends on specific circumstances, for example, the nature of the service or the product that we are to provide, the legal obligations to which we are subject, our related legitimate interests or the specific consent that you grant us to that end.
2. WHO DO WE COLLECT PERSONAL DATA FROM?
We collect personal data, amongst others, from:
- our clients, suppliers, business contacts and potential clients (or from our contact persons at the latter);
- our contact persons with government agencies and other (public) institutions;
- our employees and job applicants;
- the visitors to our website and social media;
- the visitors to our business premises;
- the family members of our employees.
3. HOW DO WE COLLECT PERSONAL DATA?
We collect personal data in various ways, particularly personal data that we receive:
- from the data subject him-/herself;
- from the data subject’s employer or co-contractor (e.g. when our client or supplier is a company and the data subject is appointed by this company as the contact person, etc.);
- from other parties (e.g. government agencies, headhunters, etc.);
- via the use of our website, social media and other tools;
- publicly available information.
4. WHY DO WE PROCESS PERSONAL DATA?
Except in situations where we process personal data based on consent, we may process personal data for the following purposes and based on the following legal grounds (this is not an exhaustive list):
4.1. DELIVERY OF PRODUCTS OR SERVICES TO OUR (POTENTIAL) CLIENTS
We process personal data within the context of delivering our products and/or services to our (potential) clients (contract/pre-contractual phase/legitimate interests). The personal data are processed within the context of delivering products or services to the data subject him/herself, to the data subject’s employer (e.g. our (potential) clients) or to the data subject’s contracting party (our (potential) clients).
4.2. FULFILLING OUR LEGAL OBLIGATIONS
In some cases, we are legally obliged to process certain personal data, such as:
As an employer we are, amongst other things, obliged to collect certain data (such as our employees’ national register number, marital status and family situation) and, should the need arise, disclose data to the competent government agencies.
4.3. ADMINISTRATIVE AND FINANCIAL PROCESSING
We process personal data within the scope of our own administrative, accounting and corporate obligations based on our legitimate interests and legal obligations.
4.4. PERSONNEL ADMINISTRATION AND EMPLOYEE RECRUITMENT
We have to process our employees’ and ex-employees’ data within the scope of our personnel administration (contract/legal obligation).
We collect job applicants’ personal data (contract and where applicable consent for data that the job applicant provides us with voluntarily, but without it being necessary and unsolicited) within the framework of the recruitment of new employees.
4.5. DIRECT MARKETING
We have a legitimate interest for processing our client’s (or contact persons at our clients) personal data for electronically transmitting advertising messages, newsletters, invitations to commercial events and such like, provided these pertain to similar products and services as delivered to them before.
We always ask the data subject’s consent for all other marketing campaigns transmitted by electronic means.
Finally, we have a legitimate interest for undertaking marketing campaigns by non-electronic means.
4.6. COLLECTION OF PERSONAL DATA VIA OUR WEBSITE
We have a legitimate interest for processing the personal data of data subjects:
- who leave their data behind on our website and this with a view to fulfilling their specific request;
- that visit our website and this within the context of managing and improving our website. In this respect, we refer to our cookies policy.
4.7. INTERNAL RISK ANALYSES, AUDITS AND PENETRATION TESTS
We have a legitimate interest for processing personal data within the scope of internal risk analysis, audits and penetration tests, which are either conducted on our own initiative or on the initiative of a third party that is authorised to that end (for example, the competent data protection authority), or for contractual purposes.
4.8. INVITATION TO AND PROMOTION OF EVENTS AND WORKSHOPS
We have a legitimate interest for processing personal data within the scope of the organisation of events and workshops for our clients and the promotion thereof by means of the publication of a report, video’s and images of the event or workshop on our website and social media pages.
5. WHO DO WE DISCLOSE PERSONAL DATA TO?
We only disclose personal data to commercial partners with your consent or when this is necessary for delivering our products or services.
Furthermore, we disclose personal data to our own processors (for example, our payroll agency, ICT and social media partners, etc.) subject to a data processing agreement, our other consultants that act as controllers (for example, our attorney-at-law, accountant, etc.), government and judicial authorities and (professional and government) inspection services.
We do not disclose any data to receivers established in third countries (non-EU countries) except with your consent, if this is necessary for the delivery of our services to the data subject or our client or if we are legally obliged thereto (for example, pursuant to an enforceable judgement or attachment).
If, for any of the above mentioned reasons, we have to disclose personal data to a receiver established in a third country, we shall comply with the legal obligations regarding such transfer.
6. HOW LONG DO WE STORE PERSONAL DATA?
We store personal data, as the appropriate case may be:
- for the purpose of our liability period after providing our products/services;
- as long as we are legally obliged to store the personal data;
- in case of a judicial contention, administrative or arbitral proceeding, until a definitive decision is given in the context of this proceeding, unless we are legally required to store the personal data for a longer period;
- in all other cases for a reasonable and proportionate period.
7. HOW DO WE PROTECT YOUR PERSONAL DATA?
We have developed a security policy, which is tested and adjusted at regular intervals, in the context of which technical and organisational measures are taken that are aimed at:
- raising awareness regarding the treatment of personal data amongst our employees and other persons working for us and, from time to time, implementing adjustments (by way of inspections and periodic training);
- restricting access to personal data (both at organisational and IT-technical level);
- protecting personal data (by way of appropriate IT-technical measures taking into account the state of the art and the related costs and risks of processing, such as encryption, anti-virus software, firewalls, transfer via secure connections, etc.);
- ensuring the correctness of the data;
- ensuring confidential treatment of the personal data;
- remedying, preventing and tracing data leaks (being accidental or unlawful destruction, loss, alteration, provision of or access to personal data that has been transferred, stored or otherwise processed), to the extent possible.
8. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
Your rights as a data subject whose personal data we process are:
- right to transparency (right to be informed about the processing of your personal data by our offices in a clear and comprehensible language);
- right to inspect, improve and delete your personal data;
- right to transferability of your data into a normal machine-readable format;
- right to withdraw your previously given consent;
- right to request the processing to be restricted or to object to the processing;
- right to file a complaint with the competent data protection authority.
It should be noted that these rights are not always absolute, that under certain circumstances we are entitled or even legally obliged to process your personal data further or that our secrecy obligation prevents us from providing certain information and that we therefore cannot always (fully) honour your request. If such is the case, we will inform you accordingly.
You can exercise these rights free of charge, except in case of misuse, in which case we are entitled to charge administration costs to meet your requests.
All queries relating to exercising your rights can be addressed to: @email.
9. CHANGES TO THIS PRIVACY STATEMENT
We have the right to change this privacy statement at any time in order to bring it into line with the (changes to) the relevant legislation, national and international official positions and judicial decisions.
You can consult the most recent version of this privacy statement at any time on our website.
WHAT IS A COOKIE?
Cookies are small data files or small text files that are stored on your local computer (or on other devices with Internet access such as smartphones or tablets) when you visit websites. They contain information about the website in question. Cookies are stored in a specific directory on your hard drive and have a unique ID and a specific duration. When you re-visit a certain website, the cookies are re-sent to the website, enabling it to recognise you as a returning visitor and certain preferences that you have indicated beforehand (such as your preferred language).
Cookies can be categorised according to:
- Their lifetime;
- Their origin;
- Their type.
A distinction can first be made between cookies on the basis of their lifetime, namely: “session cookies” and “persistent cookies”.
- Session cookies are deleted when you close your browser;
- Persistent cookies are saved on your computer/device for a pre-determined period of time (or until you delete them manually (see below)).
As regards the origin of cookies, a distinction can be made between what is known as “first party cookies” and “third party cookies”.
- First party cookies are placed and managed by ourselves. They ensure our website operates correctly and make it possible to save your preferences (such as your preferred language).
- Third party cookies are created by a third party and placed on your computer.
As regards cookie types, a distinction can be made between:
- Functional cookies: these cookies ensure the website operates correctly.
- Non-functional (analytical) cookies: these are cookies that are used, in particular, for statistical, performance analysis, tracking or advertising purposes. These cookies make it possible, for example, to obtain statistical information about the website (such as the number of visitors to the site or the most frequently consulted subjects, etc.). Other cookies track visitors on the website (browsing behaviour) and create a user profile that can be used subsequently for advertising purposes, for example.
Efico Group does not use tracking or advertising cookies.
<<<< INSERT TABLE >>>
This table provides an overview of the different types of cookies that we use on the Efico Group website, together with their respective purpose and duration (i.e., how long each cookie remains on your computer/device).
HOW CAN I MANAGE MY COOKIES?
Most internet browsers are set up to accept cookies automatically. You can modify your browser’s settings to block cookies or to be informed when cookies are sent to your computer.
The way in which you can delete cookies or adapt the cookie settings depends on the internet browser that you use and sometimes also on the version that you have installed.
You will find further information on how to manage cookies in the most common internet browsers via the links below:
If you use Microsoft Internet Explorer:
If you use Mozilla Firefox:
If you use Google Chrome:
If you use Safari:
If you deactivate the cookies we use, this may have an impact on your experience when you visit the Efico Group website. You may no longer be able to visit certain pages of the Efico Group website or your visit to the Efico Group website may no longer be customised (for example, you will have to re-set your preferred language each time).
If you visit the Efico Group website using different devices (for example, your computer, smartphone, tablet, etc.), you must ensure that each browser on each device is adapted to your cookie preferences.
SOCIAL MEDIA BUTTONS
You will also find third party social networking site buttons (such as Facebook, LinkedIn, YouTube Instagram and Twitter) on our website. Among other things, these buttons enable you to share the content of our web pages with other people on the social networks in question. When you click on the button, you are transferred to the respective social network. The social networks concerned may collect data about you, for example, relating to data you read and share on our website. These data are gathered and managed entirely on the initiative of the social network in question. We do not have access to this data and have no control over them. For further information on the use of your data by the social networks concerned, we recommend you consult the privacy statement and general terms and conditions of the social network in question.
QUESTIONS ABOUT THIS POLICY
All queries relating to our policy can be addressed to: firstname.lastname@example.org.